Search
Search Results (45 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-4433 | 1 Ibm | 10 Aspera Application Platform On Demand, Aspera Faspex On Demand, Aspera High-speed Transfer Endpoint and 7 more | 2024-11-21 | 7.5 High |
| Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker with intimate knowledge of the server to execute arbitrary code on the system with the privileges of root or cause server to crash. IBM X-Force ID: 180814. | ||||
| CVE-2020-4432 | 1 Ibm | 10 Aspera Application Platform On Demand, Aspera Faspex On Demand, Aspera High-speed Transfer Endpoint and 7 more | 2024-11-21 | 7.5 High |
| Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810. | ||||
| CVE-2024-45098 | 1 Ibm | 1 Aspera Faspex | 2024-09-06 | 6.8 Medium |
| IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification. | ||||
| CVE-2024-45097 | 1 Ibm | 1 Aspera Faspex | 2024-09-06 | 5.9 Medium |
| IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification. | ||||
| CVE-2024-45096 | 1 Ibm | 1 Aspera Faspex | 2024-09-06 | 6.5 Medium |
| IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing. | ||||